From: Scott Morris (swm@emanon.com)
Date: Tue May 30 2006 - 00:12:41 ART
Whenever you specify minutes, it includes up to the :59 second mark.
So... IMHO, 5:59:59 would get you right TO 6am. If you're feeling extra
paranoid, I'd say ask the proctor. In the grand scheme of things, however,
this is a semantic argument and not one that makes or breaks one being
deemed an "expert" (or at least I sincerely would hope so)...
HTH,
Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service Provider) #4713, JNCIE
#153, CISSP, et al.
CCSI/JNCI
IPExpert CCIE Program Manager
IPExpert Sr. Technical Instructor
smorris@ipexpert.com
http://www.ipexpert.com
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
darbyweaver@yahoo.com
Sent: Monday, May 29, 2006 11:05 PM
To: ccielab@groupstudy.com
Subject: Time Range ACLs - 17:59 or 18:00 ???
I was wondering what the general consensus was with regard to Time-Range
ACLs.
If I wanted to do the following:
Don't permit ftp traffic during weekdays from 18:00 to 06:00.
conf t
ip access-list extended FTP_TOD
deny tcp any any eq www time-range FTP_DAYS permit ip any any exit
time-range FTP_DAYS
periodic weekday 18:00 to 05:59
exit
int F0/0
ip access-group FTP_TOD in
or would be this be more accurate:
conf t
ip access-list extended FTP_TOD
deny tcp any any eq www time-range FTP_DAYS permit ip any any exit
time-range FTP_DAYS
periodic weekday 18:00 to 06:00
exit
int F0/0
ip access-group FTP_TOD in
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART